package com.xr.blog.controller;

import com.xr.blog.pojo.SysUser;
import com.xr.blog.service.SysUserService;
import com.xr.blog.tools.Result;
import com.xr.blog.tools.ValidatorUtils;
import com.xr.blog.tools.constant.Code;
import com.xr.blog.tools.security.LoginUser;
import com.xr.blog.tools.security.PBKDF2Utils;
import com.xr.blog.tools.security.TokenService;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.ibatis.annotations.Insert;
import org.apache.ibatis.annotations.Update;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;


/**
 * 
 *
 * @author XRJ
 * @email 1033835209@qq.com
 * @date 2020-07-07 20:31:38
 */
@RestController
@RequestMapping("/squirrelblog")
public class SysUserController {
    @Autowired
    private SysUserService sysUserService;

    @Autowired
    private TokenService tokenService;


    @PutMapping(value = "/user",produces = "application/json;charset=UTF-8")
    public Result<SysUser> info(HttpServletRequest request){
        LoginUser loginUser=tokenService.getLoginUser(request);
        return Result.of(Code.SC_OK.getState(),Code.SC_OK.getDescription(),loginUser.getUser());
    }

    @PostMapping(value = "/user/updateInfo",produces = "application/json;charset=UTF-8")
    public Result save(@RequestBody @Validated({Update.class}) SysUser user,HttpServletRequest request){
        LoginUser loginUser=tokenService.getLoginUser(request);
        //ValidatorUtils.validate(user);
        if(StringUtils.isNotEmpty(user.getEmail())){
            user.setEmailMd5(DigestUtils.md5Hex(user.getEmail()));
        }
        boolean res=sysUserService.updateById(user);
        if(!res){
            return Result.of(Code.MUNEINSERTTOID_EOOR.getState(),"修改失败",null);
        }
        //更新缓存中的数据
        loginUser.setUser(user);
        tokenService.setLoginUser(loginUser);
        return Result.of(Code.SC_OK.getState(),"修改成功",null);
    }


    @PostMapping(value ="/user/changePass",produces = "application/json;charset=UTF-8")
    public Result changePass(@RequestParam(value = "oldPass",required = false)String oldPass,
                             @RequestParam(value = "newPass",required = false)String newPass,
                             HttpServletRequest request) throws Exception{
        ValidatorUtils.isBlank(oldPass,"原密码不能为空");
        ValidatorUtils.isBlank(newPass,"新密码不能为空");
        LoginUser loginUser=tokenService.getLoginUser(request);
        SysUser user=loginUser.getUser();
        BCryptPasswordEncoder bcryptPasswordEncoder = new BCryptPasswordEncoder();
        boolean checkPass=bcryptPasswordEncoder.matches(oldPass,user.getPassword());
        if(!checkPass){
            return Result.of(1,"原密码输入错误",null);
        }
        //生成新盐(改用强散列哈希加密，无需盐)
        //String salt=PBKDF2Utils.getSalt();
        //加密(改用强散列哈希加密)
        //String password=PBKDF2Utils.getPBKDF2(newPass,salt);
        String password=bcryptPasswordEncoder.encode(newPass);
        //user.setSalt(salt);
        user.setPassword(password);
        sysUserService.updateById(user);
        //退出登录
        tokenService.delLoginUser(loginUser.getToken());
        return Result.of(Code.SC_OK.getState(),"修改密码成功",null);
    }
}
